NACD, Ridge Global, and the Software Engineering Institute at Carnegie Mellon University Announce Cyber-Risk Oversight Program for Corporate Directors

WASHINGTON, DC (Sept. 14, 2016) – With the critical issue of cyber-risk oversight at the top of every board’s agenda, the National Association of Corporate Directors (NACD), Ridge Global, and the CERT Division of the Software Engineering Institute at Carnegie Mellon University today announced the development of the first-ever NACD Cyber-Risk Oversight Program for corporate directors, which confers the CERT Certificate in Cybersecurity Oversight.

The program brings together the professional-development capabilities of NACD, the standard setter for responsible board leadership; Ridge Global’s experience supporting C-suite executives and board leaders; and the deep cyber-technical expertise of the world-renowned SEI CERT Division to deliver a cyber education and resource program that addresses the specific cyber-risk oversight responsibilities of board members and executives.

“While NACD’s latest governance survey found that only 14 percent of respondents believe their boards have a high level of understanding of the risks associated with cybersecurity,” said NACD’s CEO Ken Daly, “our director members across the country have demonstrated a strong interest in enhancing their cyber-risk oversight capabilities.”

The NACD Cyber-Risk Oversight Program will include the CERT Certificate in Cybersecurity Oversight, along with multiple NACD resources on cyber-risk oversight such as NACD’s Director’s Handbook on Cyber-Risk Oversight, the first private-sector resource to be featured on the Department of Homeland Security’s C3 Voluntary Program website.

“The SEI’s CERT Division has long advocated that authority for enterprise security should be held at the governance level of organizations—in boards of directors and senior executives,” said Robert F. Behler, deputy director and COO of the SEI. “The NACD Cyber-Risk Oversight Program will help senior leaders understand, achieve, and sustain an organization’s position on cyber risk.”

The program will be delivered completely online, allowing busy corporate directors and executives to complete the certificate from any location and at their own pace. The robust, multi-module certificate program will improve corporate directors’ understanding of cybersecurity risks, detail the respective responsibilities of the board and C-suite executives in cyber-risk oversight, and engage participants in a cyber-crisis simulation. The course will culminate in a comprehensive exam. Upon successful completion of the exam, participants will earn the CERT Certificate in Cybersecurity Oversight.

“Cyber threats have added another complex layer for corporate directors as they help to manage 21st century business risk,” said Gov. Tom Ridge, the first U.S. Secretary of Homeland Security and CEO of Ridge Global. “Ridge Global is pleased to partner with NACD and the SEI on this innovative program to help board members and executives strengthen their ability to work with both IT and enterprise leaders to more effectively evaluate and reduce digital risk.”

The NACD Cyber-Risk Oversight Program is expected to be available in late 2016. Visit www.NACDonline.org/CyberCertificate to request additional information about the NACD Cyber-Risk Oversight Program for corporate directors.

About NACD

The National Association of Corporate Directors (NACD) empowers more than 17,000 directors to lead with confidence in the boardroom. As the recognized authority on leading boardroom practices, NACD helps boards strengthen investor trust and public confidence by ensuring that today’s directors are well-prepared for tomorrow’s challenges. World-class boards join NACD to elevate performance, gain foresight, and instill confidence. Fostering collaboration among directors, investors, and governance stakeholders, NACD has been setting the standard for responsible board leadership for 40 years. To learn more about NACD, visit www.NACDonline.org. To become an NACD member, please contact Steve Kalan at Join@NACDonline.org or 202-572-2089. If you are already a member, contact your NACD Membership Advisor at MembershipAdvisor@NACDonline.org to ensure that you are receiving the best value from your membership.

About Ridge Global

Ridge Global is the risk management firm led by Tom Ridge, the first U.S. Secretary of Homeland Security and 43rd Governor of Pennsylvania. Ridge Global works with C-suite and board executives around the world to reduce enterprise cyber risk and to build more resilient organizations through innovative protection and response capabilities, cyber education and insurance solutions. Learn more at www.ridgeglobal.com.

About the Software Engineering Institute

The Software Engineering Institute (SEI) is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI works with organizations to make measurable improvements in their software engineering capabilities by providing technical leadership to advance the practice of software engineering. For more information, visit the SEI website at www.sei.cmu.edu. The CERT Division of the SEI is the world’s leading trusted authority dedicated to improving the security and resilience of computer systems and networks and a national asset in the field of cybersecurity. For more information, visit www.cert.org.